13 matches found
CVE-2025-68803
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...
DASAN H660WM 安全漏洞
DASAN H660WM is an optical network terminal from DASAN, Korea. A security vulnerability exists in the DASAN H660WM H660WMR210825, which stems from improper access control under default settings, and could lead to unauthorized access to sensitive information and configuration modifications...
Linux Distros Unpatched Vulnerability : CVE-2025-22070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories,...
AZL-61700 CVE-2025-22070 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx parentdir then creating a...
CVE-2025-22070 fs/9p: fix NULL pointer dereference on mkdir
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx parentdir then creating a...
SUSE CVE-2005-2801
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the nameindex fields when sharing xattr blocks, which could prevent default ACLs from being applied...
usbguard: Fix unauthorized access via D-Bus
A flaw was found in usbguard. The vulnerability occurs due to the No default access control listACL on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration...
usbguard: Fix unauthorized access via D-Bus
A flaw was found in usbguard. The vulnerability occurs due to the No default access control listACL on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration...
PT-2022-15421 · Kuka · Kuka Systemsoftware V/Kss
Name of the Vulnerable Software and Affected Versions: KUKA SystemSoftware V/KSS versions prior to 8.6.5 Description: The issue is related to improper access control, allowing an unauthorized attacker to directly read and write robot configurations when access control is not available or not...
CVE-2018-10612
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials...
DEBIAN-CVE-2016-5416
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions...
iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability
Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability iDEFENSE Security Advisory 12.15.04 http://www.idefense.com/application/poi/display?id=164 December 15, 2004 I. BACKGROUND Computer Associates eTrust EZ Antivirus is antivirus protection software for home and business...
ScriptLogic sets insecure permissions on "LOGS$" share
Overview Version 4.01 of ScriptLogic contains a vulnerability in the default permissions assigned to the network share used for logging. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabilities for Microsoft Windows systems in a domain...